Re: Use password-store with weechat
On 11/26, pab...@mailbox.org wrote: > Well, that gets rid of the prompt at login, but does not avoid having > passwords in the weechat config. > > Even though it is encrypted with a passphrase, I want to keep all my > passwords in *one* place - pass. I hear you, I'd like that too. But alas, this is currently not supported by weechat. > Would it be possible to get weechat config strings from environment > variables? i.e. having a FREENODE_PASS var e.g.? No, sadly that is not possible. > That would at least get rid of the passwords inside weechats > config files, though I don't know if exposing passwords as environment > variables is a good idea, as any application could read them. If you do it like $ SECRET_PASSWORD = SECRET application only application (and briefly your shell) can read SECRET_PASSWORD. Regards, Tharre -- PGP fingerprint: 42CE 7698 D6A0 6129 AA16 EF5C 5431 BDE2 C8F0 B2F4 signature.asc Description: PGP signature ___ Password-Store mailing list Password-Store@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/password-store
Re: Use password-store with weechat
Well, that gets rid of the prompt at login, but does not avoid having passwords in the weechat config. Even though it is encrypted with a passphrase, I want to keep all my passwords in *one* place - pass. I host my configs in a public dotfiles repo, and would like not to have to worry about sensitive data being published somewhere. Even though weechat may be encrypted, it is one extra place you have to think about how to manage, guard, sync and safely store (another "attack vector"). Also, I have to get rid of the salt, making the encryption even weaker. Might be paranoid, but I don't feel confortable pushing unsalted passwords, encrypted by some application to a public repo. Also sync and lookup are to extra steps to configure. Would it be possible to get weechat config strings from environment variables? i.e. having a FREENODE_PASS var e.g.? That would at least get rid of the passwords inside weechats config files, though I don't know if exposing passwords as environment variables is a good idea, as any application could read them. Cheers, Pablo On Mon, Nov 26, 2018 at 07:09:08PM +0100, Tharre wrote: > Hi, > > On 11/26, pablo1+p...@mailbox.org wrote: > > Hello, > > > > I was wondering if someone has found a way to integrate pass in > > weechat. > > > > Weechat's config doesn't allow to sepecify external programs to be > > run. There is a issue on the github page > > (https://github.com/weechat/weechat/issues/141) for this problem, but > > I don't have much hope of it being implemented soon. > > > > Their approach seems to be their own "secure storage", but I would > > like to use pass, since I have everything in there already. > > > > Has someone found a workaround? Any weechat users? > > > > Cheers, > > Pablo > > > > The workaround I use in my dotfiles[0] is simply letting weechat have > it's fancy secure storage and providing the passphrase via pass: > > $ WEECHAT_PASSPHRASE="$(pass personal/weechat)" weechat > > Then turn the salt off in sec.conf: > > [crypt] > salt = off > > so weechat doesn't re-salt everything all the time. > > It's not pretty, but works very well. > > [0] https://github.com/Tharre/dotfiles > > Regards, > > Tharre > > -- > PGP fingerprint: 42CE 7698 D6A0 6129 AA16 EF5C 5431 BDE2 C8F0 B2F4 signature.asc Description: PGP signature ___ Password-Store mailing list Password-Store@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/password-store
Re: Use password-store with weechat
Hi, On 11/26, pablo1+p...@mailbox.org wrote: > Hello, > > I was wondering if someone has found a way to integrate pass in > weechat. > > Weechat's config doesn't allow to sepecify external programs to be > run. There is a issue on the github page > (https://github.com/weechat/weechat/issues/141) for this problem, but > I don't have much hope of it being implemented soon. > > Their approach seems to be their own "secure storage", but I would > like to use pass, since I have everything in there already. > > Has someone found a workaround? Any weechat users? > > Cheers, > Pablo > The workaround I use in my dotfiles[0] is simply letting weechat have it's fancy secure storage and providing the passphrase via pass: $ WEECHAT_PASSPHRASE="$(pass personal/weechat)" weechat Then turn the salt off in sec.conf: [crypt] salt = off so weechat doesn't re-salt everything all the time. It's not pretty, but works very well. [0] https://github.com/Tharre/dotfiles Regards, Tharre -- PGP fingerprint: 42CE 7698 D6A0 6129 AA16 EF5C 5431 BDE2 C8F0 B2F4 signature.asc Description: PGP signature ___ Password-Store mailing list Password-Store@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/password-store
Re: Use password-store with weechat
On 18-11-26 13:55:21, pablo1+p...@mailbox.org wrote: Hello, I was wondering if someone has found a way to integrate pass in weechat. Weechat's config doesn't allow to sepecify external programs to be run. There is a issue on the github page (https://github.com/weechat/weechat/issues/141) for this problem, but I don't have much hope of it being implemented soon. Their approach seems to be their own "secure storage", but I would like to use pass, since I have everything in there already. Has someone found a workaround? Any weechat users? Cheers, Pablo Nope! And you are not alone, I too have been interested in this. A passeval option is pretty common in most programs these days so hopefully it gets implemented in weechat too. signature.asc Description: PGP signature ___ Password-Store mailing list Password-Store@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/password-store
Use password-store with weechat
Hello, I was wondering if someone has found a way to integrate pass in weechat. Weechat's config doesn't allow to sepecify external programs to be run. There is a issue on the github page (https://github.com/weechat/weechat/issues/141) for this problem, but I don't have much hope of it being implemented soon. Their approach seems to be their own "secure storage", but I would like to use pass, since I have everything in there already. Has someone found a workaround? Any weechat users? Cheers, Pablo signature.asc Description: PGP signature ___ Password-Store mailing list Password-Store@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/password-store